Allow users to work from anywhere and connect to any cloud application, public or private, with iboss cloud

Organizations are constantly faced with competitive pressures that force them to adapt their business. While an organization’s technology strategies and resources should keep pace with these changes, the reality is they often lag behind. This creates a gap between how people work and how the IT infrastructure supports them. When the gap becomes too big, many problems arise, including security risks, operational disruption, compliance violations, skyrocketing costs, and poor user experience.

Organizations deploying and using legacy network security appliances to protect cloud connectivity and internet access are faced with these problems today. Mobility, exponential bandwidth growth and cloud application adoption is leading to escalating costs, difficulty in securing users outside of the traditional network perimeter, and loss of end user productivity due to slow connections resulting from forcing traffic for remote workers through corporate networks. The physical network perimeter has eroded making devices the new network perimeter. Users can work from anywhere and need fast and secure connections to all cloud resources regardless of location.

The shift to a Zero Trust network architecture allows organizations to ensure fast compliant and secure connections from any location. Because users are always connected through the cloud network security service, access to cloud applications and resources can be granted based on who the user is, including the user’s role within an organization. These resources can be public or private. Public resources might include Microsoft Office 365, while private resources are those that are typically behind a firewall or within a corporate network. The iboss cloud network security service is connected to all resources and makes decisions on which resources a user might have access based on user identity.

click ​here​​ to visit vend​or product page>>

Move network security to the cloud and save on infrastructure costs and appliance management overhead

The iboss cloud provides a sustainable and strategic path for providing network security by transitioning network security functions from firewall and proxy appliances to a SaaS delivered network security in the cloud

Migrating from traditional on-prem network security appliances, such as firewalls and proxies, to a Security as a Service network platform delivered in the cloud can seem like a daunting and risky task. The security policies that have been created over decades within the network security appliance-based platform may seem extensive and possibly even convoluted.

In addition, transitions in staff may have resulted in a loss of understanding of all of the gateway appliance rules and infrastructure that are in place. With iboss cloud, migrating from on-prem network security appliances to network security in the cloud is easily accomplished. All of the network security features and capabilities transition to the cloud, and the only thing left behind are the appliances.

To transition successfully to a cloud-based network security platform, the cloud platform must be capable of supporting the vast set of network security functions and user-based policies that the on-prem solution supports. That includes all complex web proxy policy sets that might be in place. The iboss cloud has an extensive set of security policies that not only meet, but exceed the capabilities of appliance-based solutions that were designed in the pre-cloud era. When migrating to the iboss cloud, all policies including malware defense rules are migrated easily. The 100% API-based platform allows automation and the effective transfer of policy sets into the iboss cloud platform. In addition, iboss will support you in migrating complex policy sets as virtually all types of network security appliance types, including on-prem web gateway proxies, have been migrated to the iboss cloud.

click ​here​​ to visit vend​or product page>>

User and Group Based Policies Designed to Increase Productivity

Flexible policies can be created to increase productivity while ensuring security

User and group based policies provide the flexibility to create differentiated role-based Internet access allowing users to be productive and secure

Each department within an organization typically needs varying levels of Internet access depending what the job entails. The ability for IT administrators to create tailored web access roles to enable productivity while ensuring compliance and security is critical. A single one size fits all policy is not only overly prohibitive but also reduces productivity. The iboss cloud allows for the creation of varying policies depending on which user is accessing the Internet. This ensures the user can accomplish what they are trying to achieve online while remaining secure from malware and other threats on the Internet.

These policies are automatically assigned to users so they are seamlessly assigned ensuring low friction and a great user experience. In addition, the policies can be tied to Active Directory Security Groups or Organizational Units to simplify the assignment of policies to users within the organization. In addition, SAML can be used to tie users to specific policies based on user or group membership.

click ​here​​ to visit vend​or product page>>

SaaS Network Security, Delivered in the Cloud

The most advanced SASE and Zero Trust platform that allows users to work from anywhere with fast and secure connections to all cloud applications .

click ​here​​ to visit vend​or product page>>

Comprehensive CASB controls for visibility into cloud application use

The iboss cloud platform delivers the CASB capabilities and features you need to reduce risk while users access cloud applications

The ability to apply fine grained controls and gain visibility into cloud application use is critical with the move of applications to the cloud. The iboss cloud is the gateway to the cloud giving it the ability to control cloud applications and provide visibility into cloud application use. Cloud application controls are extensive and range from Facebook, to Google to Microsoft. This includes making Facebook read-only, ensuring access to Google Drive is corporate only and leveraging Microsoft Office 365 Tenant restrictions.

Control cloud applications such as Facebook, LinkedIn and Twitter to ensure compliance

The iboss cloud includes extensive cloud application controls spanning applications such as Spotify, Pinterest, Facebook, Twitter, LinkedIn, and Search Engines. The policies can be applied on a per user or per group basis to prevent actions such as posting sensitive information to social media sites which violate PCI and HIPAA compliance. In addition, visibility into applications is provided in detailed real-time dashboards and drill down reports. Since iboss cloud lives in the cloud, controls and visibility is applied to all users in regardless location.

Extensive Google application controls including YouTube and Google Drive

Application controls span the suite of Google Apps, including Google Drive. This includes enforcing Safe Search on Google to reduce liability and ensure compliance as well as controls across the vast suite of Google Applications. Applications include Google Cloudprint, Google Trends, Google Research, Google Wallet, Google Maps, Google Translation, Shopping, Google Groups, Google Play, Google Video, Google Sites, Gmail and Google Earth. In addition, Gmail, Google Drive, Google Docs, Google Plus, Google Groups and Google Sites can be restricted to only company use by restricting access to the registered G-Suite company domain.

Gen-3 CASB Protection Prevents Data Loss from Shadow IT

The iboss cloud provides the most powerful Gen-3 CASB on the market, ensuring data transfers from devices are controlled and remain within corporate owned cloud accounts. For example, if a user is accessing Office 365 from the office or at home, data transfers from the device are forced into the corporate owned office 365 account. For Google services, such as Google Drive, file uploads can be forced to the organization’s Google Drive account instead of a personal use Google Drive account. Slack can also be controlled so that the use of messaging remains within the corporate Slack account. Gen-3 CASB prevents data loss and shadow IT by controlling the network data from the device to destinations in the cloud. Gen-3 CASB protects what legacy CASB technology misses by ensuring all network transfers end up in the right place in the cloud.

click ​here​​ to visit vend​or product page>>

The iboss cloud provides unique source IP Address identity in the cloud so that existing policies that rely on them are maintained

When traffic leaves an organization’s network destined to the cloud, the source IP Address of that traffic is uniquely associated with the organization. These addresses are typically assigned by the Internet Service Provider to the organization. This IP is used to restrict access to portals and connect to back-office networks.

The unique association between the source IP Address and an organization’s identity on the Internet has become an important aspect for integration due it’s use by IT departments to connect vendors and technology integrations. IT teams provide these IP Addresses to third-parties to connect the organization’s network and provide access to the resources provided by the third-party.

When moving to a cloud-based gateway platform, typically the ability to maintain unique source IP presence in the cloud is lost. For example, if a user is mobile and being protected at a coffee shop, as they access the Internet, the outside world may not see that user as belonging to the organization because the source IP is mapped to the coffee shop and not the organization itself. This can be challenging and put IT departments in a predicament as they look at migrating from on-prem Web Gateway appliances to a cloud-based gateway platform.

With the iboss cloud, each customer gets dedicated source cloud IP Addresses which are associated with the organization. Because of this, any data traversing the global cloud gateways in iboss cloud will have a uniquely associated IP Address that can be mapped to the organization. This means that users always appear to be accessing the Internet from within the organization regardless of whether they’re in the office or on the road. This preserves the critical connectivity requirements that IT departments need when migrating to a cloud gateway platform.

click ​here​​ to visit vend​or product page>>

Easily Switch from Bluecoat to iboss and transform from legacy proxy appliances to modern SaaS delivered network security

Proxy appliances were not designed for the modern, cloud-driven, world. They were designed to protect network traffic for users within offices, yet those users are working from home. They were designed to handle a predefined amount of network traffic, yet the volume of traffic is increasing exponentially by the day. Network proxy appliances were designed to decrypt and inspect limited amounts of encrypted HTTPS traffic. However, over 99% of all browsing time is over encrypted HTTPS connections according to the Google HTTPS Transparency Report. Proxy appliances were not designed for the cloud driven and mobile world. Switching to iboss ensures you get all of the network security capabilities found in proxy appliances, without the appliances and at infinite scale. This reduces infrastructure costs, reduces labor and is designed for the work from home and mobile future.

The iboss Platform is Designed for Mobile and Work from Home Users

Users are not sitting behind the Bluecoat proxy appliances. They are working remotely, from home. If the network traffic does not traverse the Bluecoat appliances, it cannot inspect or protect that data. Because of this, organizations leveraging on-prem proxy appliances, like Bluecoat, are forced to send network data from remote users through slow VPN connections to provide network security. This is unsustainable and results in slow connections which reduces productivity and increases costs.

The iboss cloud platform provides all of the capabilities found in traditional and legacy Bluecoat appliances, except without the gear. It allows network data from remote users to be secured directly in the cloud, eliminating the unnecessary data backhaul through VPN connections. This results in fast connections, increased end-user productivity and reduced costs.

The iboss Platform Performs HTTPS Decryption at Scale

Over 99% of all browsing time is over encrypted HTTPS connections, according to the Google HTTPS Transparency Report. Proxy appliances have compute and processing limitations and require a lot of hardware to handle the high volume of HTTPS traffic. This is extremely costly and typically results in extremely slow connections and the need to expand data center footprints.

The iboss cloud runs as a complete SaaS offering in the cloud. It has infinite computing power to decrypt any volume of traffic, without increasing costs. As encrypted traffic increases, your costs do not as iboss will process, decrypt and inspect all traffic automatically. This includes the large volumes of traffic from remote work from home users.

Bluecoat Proxy Appliances Leave Cybersecurity Blindspots as Users Work From Home

If the network traffic is not traversing the Bluecoat, it cannot provide the protection or generate the log events that provide cybersecurity teams the visibility they need to enforce compliance, prevent malware and eliminate data loss. The appliances are only capable of inspecting traffic within the office.

With iboss cloud, all network traffic is always inspected before going to the cloud, regardless of user location. This includes protection for users in the office and those working from home. It can also generate the log events and drill down reports needed to ensure a strong cybersecurity posture for all users, from all locations, at all times. In addition, the iboss cloud can force network traffic to business applications while preventing traffic to personal cloud accounts, such as Google Drive. This reduces shadow IT and data loss from users, including those that work from home.

The iboss platform offers a 100% drop in replacement for Bluecoat proxy appliances converting a data center from simply hosting legacy proxy appliances to becoming a private cloud Point of Presence. The private cloud is linked to the global iboss cloud and immediately converts Bluecoat appliances to a modern private cloud extension of the iboss cloud global footprint.

click ​here​​ to visit vend​or product page>>

The best protection from malware and threats via iboss and top-ranked malware engines and feeds

Top-ranked malware engines and feeds are also included in the iboss cloud malware defense package to provide defense-in-depth protection by leveraging leading Cybersecurity companies and cutting edge malware defense technology.

There is no single Cybersecurity strategy or solution that can prevent all malware. The combination of various techniques and approaches are required to ensure the most comprehensive protection is applied to user Internet connectivity.

There are core categories of protection that can be applied to ensure secure connectivity between users and the cloud.

Malware Engines are able to decompose entire files, web pages and content and inspect them for malicious threats. Next-gen anti-malware engines capable of analyzing files are critical for protection that goes beyond firewall packets and streams.

Threat feeds contain signatures, destination and content used to determine whether an Internet transaction is malicious or is originating from an infected device. These feeds contain various types of signatures including phishing destinations, Botnet Command and Control (CnC) destinations and file signatures. Many of these feeds are created by sophisticated threat research teams, like Verizon Managed Security Services which deals with over 1 million incidents per day and has visibility into over 80% of the world’s Internet traffic. The ability to apply threat feeds to the data the cloud gateways are processing results in applying the millions of daily man hours of security intelligence to protect users from daily evolving threats.

Log analytics intelligence allow the ability to distill the millions of log events that occur daily into meaningful insight that administrators can understand. In addition, user behavioral analytics signal when something is wrong not when an infection occurs, but when user behavior changes. This user behavioral changes can be due to malware hijacking user credentials or insider threats. The iboss cloud generates log events for all cloud activity, malware events and DLP alerts which can all be analyzed by iboss intelligence as well as integrated third-party intelligence.

click ​here​​ to visit vend​or product page>>

Extend iboss cloud into a Private Cloud Point of Presence

The design of the iboss cloud allows the cloud to extend seamlessly into an optional private cloud point of presence

In some cases customers have data center capacity and would like to extend the iboss cloud into a private cloud. When this occurs, the customer creates a private cloud Point Of Presence (POP) and iboss cloud extends naturally into the private cloud adding one more POP to it’s global data center footprint. The private cloud only services the particular customer and is dedicated capacity for that customer. Everything needed to create a private cloud POP is provided by iboss. The containerized architecture of iboss cloud makes this seamless as iboss provides containerized gateway capacity that runs within the customer’s data center. Because the private cloud is just an extension of the global iboss cloud, any policies or controls configured within iboss cloud will automatically extend into the private cloud POP. The private cloud becomes part of the iboss cloud extending it to private points of presence. This provides the consistency in security and user experience necessary when extending the cloud into your headquarters or corporate data centers. All private cloud capacity is provided by iboss which reduces costs and simplifies deployment. Extending into a private cloud is completely optional but is available when needed.

click ​here​​ to visit vend​or product page>>